Homepage thrives on same old mistakes

The spread of the Homepage worm has slowed down today, 24 hours after it began roaring through e-mail servers worldwide, touching off talk of it being bigger than the notorious Love Bug. Homepage did not reach those heights, but it did get around for a variety of reasons that Sophos' senior technology consultant Graham Cluley touches on in this question-and-answer interview with searchSecurity.

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Why haven't companies or systems managers learned their lesson yet about these VB attachments and just block them?
You tell me. I don't know. We've been saying it for well over a year now, "for heaven's sake run something at your e-mail gateway that blocks these Visual Basic attachments or double extensions." Because, for what reason would anyone have to send you a VB attachment? Bounce it back where it came from. Obviously, they haven't learned their lesson or Anna would not have happened. It's really extraordinary. It's becoming thrice bitten - and not very shy. To be fair, however, there are some companies who are doing this and they're feeling rather smug this morning. So, it's not always because of your anti-virus solutions, but because of the extra stuff you do. Can you talk about the social engineering used here? It's not that clever, why would someone still fall for it?
This is another extraordinary thing about Homepage. The Love Bug went for your heartstrings. Anna went for your groin. This is one of the most pathetic examples of social engineering I have ever seen. All the subject line says is "Hi! You've got to see this page! It's really cool ;O" and that was enough for thousands of people around the world to open it. Obviously, educating users is not working. Perhaps, systems administrators need to take responsibility here. It's disappointing in the 21st century that civilization is so unsophisticated that we can fall for this type of trick over and over and over again. Does an incident like this reinforce the notion that users are more crucial to IT security than technology is?
It's a wake-up call. To the average person on the street, once the headlines have disappeared off the front page of USA Today, the virus problem is gone forever - or at least until the next one pops up. In reality, there are thousands of new viruses a month and not many of them are very high profile. Things are starting to quiet down today. Now is the time to put in that extra level of protection before the next one comes along. Do you think users are becoming numb to some virus alerts because there are many of them and some could be just trumped up by security vendors?
There's a lot of hype in the anti-virus industry. I've seen reports that have Homepage as the second-biggest virus ever and that's complete horn-swaggle. There's no doubt it's been a big deal, but it does not compare to the Love Bug, Anna or Melissa. These viruses were so prolific and affected so many people. There are some anti-virus vendors who hype up viruses. But, as an industry, we need to grow up. It's about trust and if we keep crying wolf, no one is going to believe us when there is a legitimate problem. What's the motivation for writing such a virus that's not necessarily destructive? It's been reported that it could be publicity stunt for the pornography sites that open when the attachment is opened?
Most of these viruses are written by kids and it's similar to doing graffiti. They want to leave their mark on the world. This one is interesting because it forwards your browser to four pornographic Web sites and they are all similar in design and layout. It seems to be the same person behind all of them. And when you realize that? The first page takes you to a scantily dressed girl, the next one she takes off her vest and by the time you get to the end, it tells you if you want to see more, you have to enter your credit card information. It seems it may have been written by an amateur virus writer who is spamming his e-mail list, kind of proactive marketing. Perhaps the authorities need to investigate who owns these Web sites and determine if there is any connection. There are ways to track these guys down. They are remarkably dumb. This type of virus writing is not a new concept.

E-Handbook

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy